Indirect attribution in cyberspace

Robert Layton*, Paul A. Watters

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding > Chapter > peer-review

4 Citations (Scopus)

Abstract

We are now in an era of cyberconflict, where nation states, in addition to private entities and individual actors, are attacking each other through Internet-based mechanisms. This incorporates cyberespionage, cybercrime, and malware attacks, with the end goal being intellectual property, state secrets, identity information, and monetary gain. Methods of deterring cybercrime ultimately require effective attribution; otherwise, the threat of consequences for malicious online behaviour will be diminished. This chapter reviews the state of the art in attribution in cyberspace, arguing that due to increases in the technical capability of the most recent advances in cyberconflict, models of attribution using network traceback and explicit identifiers (i.e. direct models) are insufficient to build trustworthy models. The main cause of this is the ability of adversaries to obfuscate information and anonymise their attacks from direct attribution. Indirect models, in which models of attacks are built based on feature types and not explicit features, are more difficult to obfuscate and can lead to more reliable methods. There are some issues to overcome with indirect models, such as the complexity of models and the variations in effectiveness, which present an interesting and active field of research.

Original language: English
Title of host publication: Handbook of research on digital crime, cyberspace security, and information assurance
Editors: Maria Manuela Cruz-Cunha, Irene Maria Portela
Publisher: IGI Global
Pages: 245-262
Number of pages: 18
ISBN (Electronic): 9781466663275, 9781466663251
ISBN (Print): 9781466663244
Publication status: Published - 2015
Externally published: Yes
